The Swiss Switch CH Company declared that the Trojan code, which attacks online banking systems of Switzerland‘s large banks was found.
Experts claim that the code is Russian; it is also capable to change settings in domain system of the computer or abduct SMS keys.
In practice the Trojan aims the victim to appear on hacker‘s site and there all requisites for access to the real banking will be taken.
The most important thing is the malicious code is capable to bypass even a two-factorial identification system; in addition it is capable to change DNS records in such a way that the client won’t notice anything. Only the fact that the system will react on fake certificates can be doubtful for users.
However one of Switch CH Company experts Daniel Stirnmann declares that the Trojan, called Retefe, after carrying out all tasks and personal data theft Trojan destructs itself from the system in order to not to be suspected by the victim.
Daniel Stirnmann emphasized that the malicious code and its algorithm are realized properly, because only some Trojans have the ability to self-destruction. The expert also reported that the Trojan has an Android component which was developed to steal SMS tokens. Most often the Trojan attacks the countries of Europe, but in certain cases the divisions of the European banks in Australia and New Zealand were exposed to its attacks and hacked.
